[PATCH] firmware: arm_scmi: fix the double free in scmi_debugfs_common_setup()

Su Hui posted 1 patch 1 month, 2 weeks ago
Posted by Su Hui 1 month, 2 weeks ago
Clang static checker(scan-build) warning:
drivers/firmware/arm_scmi/driver.c:line 2915, column 2
Attempt to free released memory.

When devm_add_action_or_reset() failed, scmi_debugfs_common_cleanup()
will run twice which caused double free of 'dbg->name'.
Remove the redundant scmi_debugfs_common_cleanup() to fix this problem.

Fixes: c3d4aed763ce ("firmware: arm_scmi: Populate a common SCMI debugfs root")
Signed-off-by: Su Hui <suhui@nfschina.com>
---
 drivers/firmware/arm_scmi/driver.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/firmware/arm_scmi/driver.c b/drivers/firmware/arm_scmi/driver.c
index 88c5c4ff4bb6..a477b5ade38d 100644
--- a/drivers/firmware/arm_scmi/driver.c
+++ b/drivers/firmware/arm_scmi/driver.c
@@ -2976,10 +2976,8 @@ static struct scmi_debug_info *scmi_debugfs_common_setup(struct scmi_info *info)
 	dbg->top_dentry = top_dentry;
 
 	if (devm_add_action_or_reset(info->dev,
-				     scmi_debugfs_common_cleanup, dbg)) {
-		scmi_debugfs_common_cleanup(dbg);
+				     scmi_debugfs_common_cleanup, dbg))
 		return NULL;
-	}
 
 	return dbg;
 }
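Review bot: The `return NULL;` branch has no comment saying that dbg has already been released by the time it is reached, so the bare return reads like a leak. devm_add_action_or_reset() invokes the supplied action itself when registration fails, which means scmi_debugfs_common_cleanup(dbg) has run before the `if` body executes. A short comment above the `if` stating this would help prevent the explicit cleanup call, and with it the double free of dbg->name, from being added back later. The multi-line condition followed by an unbraced single statement is acceptable, but keeping the braces would make the body easier to pick out from the wrapped argument list.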
-- 
2.30.2

Re: [PATCH] firmware: arm_scmi: fix the double free in scmi_debugfs_common_setup()
Posted by Sudeep Holla 1 month, 1 week ago
On Fri, 11 Oct 2024 18:40:02 +0800, Su Hui wrote:
> Clang static checker(scan-build) warning:
> drivers/firmware/arm_scmi/driver.c:line 2915, column 2
> Attempt to free released memory.
> 
> When devm_add_action_or_reset() failed, scmi_debugfs_common_cleanup()
> will run twice which caused double free of 'dbg->name'.
> Remove the redundant scmi_debugfs_common_cleanup() to fix this problem.
> 
> [...]

Applied to sudeep.holla/linux (for-next/scmi/fixes), thanks!

[1/1] firmware: arm_scmi: fix the double free in scmi_debugfs_common_setup()
      https://git.kernel.org/sudeep.holla/c/39b13dce1a91
--
Regards,
Sudeep

Re: [PATCH] firmware: arm_scmi: fix the double free in scmi_debugfs_common_setup()
Posted by Cristian Marussi 1 month, 2 weeks ago
On Fri, Oct 11, 2024 at 06:40:02PM +0800, Su Hui wrote:
> Clang static checker(scan-build) warning:
> drivers/firmware/arm_scmi/driver.c:line 2915, column 2
> Attempt to free released memory.
> 
> When devm_add_action_or_reset() failed, scmi_debugfs_common_cleanup()
> will run twice which caused double free of 'dbg->name'.
> Remove the redundant scmi_debugfs_common_cleanup() to fix this problem.
> 

Oh yes... my bad, good catch!

LGTM.
Reviewed-by: Cristian Marussi <cristian.marussi@arm.com>

Thanks,
Cristian